Phony Minecraft Apps Infect Millions of Android Devices

Millions around the world enjoy the Lego-like digital world of Minecraft, but you may need to think twice before downloading the popular Minecraft game from the Google Play Store, as thousands of fakes have been caught distributing malware.

Security researchers have warned that roughly three million Android users have downloaded and installed malicious Minecraft apps on their smartphones over the past few months.

Researchers at antivirus and security firm ESET uncovered a troubling 33 phony “scareware” applications live in the Google Play Store. The apps had been active over the past nine months, posing as Minecraft cheat and tip guides.

The firm revealed these malicious applications had been installed on roughly 660,000 to 2.8 million Android devices. Several individual applications had racked up several hundred thousand installs.

“All of the discovered apps were fake in that they did not contain any of the promised functionality and only displayed banners that tried to trick users into believing that their Android system is infected with a dangerous virus,” said Lukas Stefanko, an ESET security researcher, in a blog post last Friday.

Stefanko said that once downloaded, the malicious Minecraft apps trick victims into believing their Android smartphone has been infected with a virus. The alert offers victims an option to remove the fictitious virus from the device, stating that entering a mobile number will remove the virus for free, while simultaneously signing victims up to a premium-rate SMS subscription service that costs users around $5.27 per week, totaling around $270 per year.

Once the virus infects the device, a text message appearing to be an anti-virus activation code arrives on the device, giving a link and an alleged code to scan the device from a reputable anti-virus vendor such as G-Data.

Researchers say victims who installed the malicious Minecraft apps believed they were genuine since they were able to download and install them via the Google Play Store. This further aided users' belief that the applications were real, as it eliminated the need to visit shady third-party sites.

ESET determined that all thirty-three scareware applications were written by the same developer but published under different names and icons throughout the Google store. “They were uploaded to the Play store by different developer accounts, but we assume that these were all created by one person,” Stefanko said, speaking about the apps.

ESET has since reported the malicious Minecraft apps to Google Play, and the company has since removed the faulty apps from the market. However, researchers believe you can protect yourself from falling victim to similar attacks in the future by running trusted anti-virus software on your smartphone and by not installing applications from unknown sources, though this would not have applied in this recent case.

This is not the first, and presumably not the last, time the Google Play Store has been caught distributing malware-laden applications. Google’s Android market has had a long history of fake and malicious applications, including the longstanding #1 anti-virus app charging $4.99 to do absolutely nothing.

However, the internet giant has been working to mitigate the issue and enhance the quality of apps in the Google Play Store by making use of a bot to automatically scan apps and accurately identify malware. Google’s scanner has shown significant improvement in detections, catching up to 40 percent of apps since 2011. Since then, though, Google has mitigated the issue entirely, pushing all apps to be manually reviewed by Play Store staffers through an app submission portal.